package com.app.config;



import com.app.common.xss.XssFilter;
import org.springframework.boot.web.servlet.FilterRegistrationBean;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

/**
 * Filter配置  xss过滤
 */
@Configuration
public class FilterConfig {

    /**
     * xssFilter注册
     */
    @Bean
    public FilterRegistrationBean xssFilterRegistration() {
        XssFilter xssFilter = new XssFilter();
        //这里可以加不被xss过滤的接口
        //xssFilter.setUrlExclusion(Arrays.asList("/notice/update", "/notice/add"));
        FilterRegistrationBean registration = new FilterRegistrationBean(xssFilter);
        //这里 /* 指拦截所有路径
        registration.addUrlPatterns("/*");
        return registration;
    }



}
